Sign in Subscribe

AC (Authentication Centre)

Last updated on 

The Authentication Centre (AC) is a critical component in mobile telecommunications systems that provides a high level of security for the subscriber identity and authentication processes. The AC is responsible for generating and storing the subscriber authentication data used to authenticate the subscriber's identity during the registration and authentication process.

In this article, we will explain the AC in more detail, including its architecture, functions, and how it works with other components in the mobile telecommunications system.

Overview of the Authentication Centre (AC)

The Authentication Centre (AC) is a database that is responsible for generating and storing the authentication data used to authenticate the subscriber's identity during the registration and authentication process. The AC is a critical component in the mobile telecommunications system that provides a high level of security for the subscriber identity and authentication processes.

The AC is part of the Home Location Register (HLR), which is a database that contains all the subscriber information and service profiles. The HLR is responsible for managing and updating the subscriber's profile, including the subscriber's location, service subscription, and authentication data.

The AC generates the Authentication Vector (AV), which consists of the following three parameters:

  • RAND: A random number generated by the AC
  • SRES: A 32-bit Signed Response, which is a hash value calculated by applying a secret key, K, to the RAND value using a one-way function.
  • Kc: A 64-bit Cipher Key, which is also calculated by applying the secret key, K, to the RAND value using a one-way function.

The AC sends the AV to the Visitor Location Register (VLR) when the subscriber roams outside their home network. The VLR uses the AV to authenticate the subscriber's identity during the registration process.

The AC is also responsible for generating and storing the authentication data used to authenticate the subscriber's identity during the call setup process. When the subscriber makes a call, the AC generates the SRES and Kc values and sends them to the Mobile Switching Centre (MSC), which is responsible for establishing the call. The MSC uses the SRES and Kc values to authenticate the subscriber's identity during the call setup process.

Architecture of the Authentication Centre (AC)

The AC is part of the Home Location Register (HLR) and is typically implemented as a separate database or as a module within the HLR. The AC is a highly secure database that is protected by multiple layers of security, including physical security, network security, and encryption.

The AC is typically implemented as a hardware security module (HSM), which is a highly secure computer that is designed to protect sensitive cryptographic keys and data. The HSM provides a secure environment for generating and storing the secret key, K, which is used to generate the SRES and Kc values.

The AC is designed to be highly available and reliable, with redundant components and backup systems to ensure that the authentication data is always available. The AC is also designed to be highly scalable, with the ability to support large numbers of subscribers and high transaction rates.

Functions of the Authentication Centre (AC)

The AC is responsible for several key functions in the mobile telecommunications system, including:

Generating Authentication Vectors

The AC generates the Authentication Vector (AV), which is used to authenticate the subscriber's identity during the registration and authentication processes. The AV consists of the RAND, SRES, and Kc values, which are generated by applying a secret key, K, to the RAND value using a one-way function.

The AC generates a new RAND value for each authentication request, which ensures that the authentication data is highly secure and cannot be predicted or reused.

Storing Authentication Data

The AC stores the authentication data for each subscriber, including the secret key, K, and the SRES and Kc values. The authentication data is highly secure and protected by multiple layers of security, including physical security, network security, and encryption. The authentication data is also highly confidential and is only accessible to authorized personnel.

Updating Authentication Data

The AC is responsible for updating the authentication data when necessary, such as when a subscriber changes their SIM card or mobile device. The AC generates a new set of authentication data for the subscriber, which is stored in the HLR and distributed to the VLRs as necessary.

Authenticating Subscriber Identity

The AC is responsible for authenticating the subscriber's identity during the registration and call setup processes. The AC generates the SRES and Kc values, which are used by the VLRs and MSCs to authenticate the subscriber's identity.

The SRES and Kc values are highly secure and cannot be predicted or reused, which ensures that the authentication process is highly secure and cannot be compromised.

Providing Security

The AC provides a high level of security for the subscriber identity and authentication processes. The AC generates highly secure authentication data, which ensures that the subscriber's identity is protected from fraud and other malicious activities.

The AC also provides a secure environment for generating and storing the secret key, K, which is used to generate the SRES and Kc values. The AC is protected by multiple layers of security, including physical security, network security, and encryption.

How the Authentication Centre (AC) Works

The AC works with several other components in the mobile telecommunications system to provide a highly secure and reliable authentication process.

When a subscriber roams outside their home network, the VLR requests the Authentication Vector (AV) from the subscriber's home network. The home network sends the AV to the VLR, which uses the AV to authenticate the subscriber's identity.

The VLR sends the RAND value to the mobile device, which uses the RAND value and the secret key, K, to generate the SRES and Kc values. The mobile device sends the SRES and Kc values to the VLR, which uses the SRES and Kc values to authenticate the subscriber's identity.

When a subscriber makes a call, the MSC requests the SRES and Kc values from the AC. The AC generates the SRES and Kc values and sends them to the MSC. The MSC uses the SRES and Kc values to authenticate the subscriber's identity during the call setup process.

The AC is responsible for generating and storing the authentication data, including the secret key, K, and the SRES and Kc values. The authentication data is highly secure and protected by multiple layers of security, including physical security, network security, and encryption.

Conclusion

The Authentication Centre (AC) is a critical component in the mobile telecommunications system that provides a high level of security for the subscriber identity and authentication processes. The AC is responsible for generating and storing the authentication data used to authenticate the subscriber's identity during the registration and authentication process.

The AC is part of the Home Location Register (HLR) and is typically implemented as a separate database or as a module within the HLR. The AC is a highly secure database that is protected by multiple layers of security, including physical security, network security, and encryption.

The AC provides several key functions in the mobile telecommunications system, including generating authentication vectors, storing authentication data, updating authentication data, authenticating subscriber identity, and providing security.

The AC works with several other components in the mobile telecommunications system to provide a highly secure and reliable authentication process. The AC is a critical component in the mobile telecommunications system that ensures the security and privacy of subscriber identities and authentication data.